Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More

Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Security Capture the Flag Competitions

Many people look at capture the flag competitions with varying reactions. Some look at them as ways for groups to show off. Others look at them with disdain wondering why someone would want to brag about the ability to break into computers. There are a very large number of who view the participants with a some measure of awe. They take the attitude of "I could never do that".

The most famous security capture the flag competition is held each year at the Defcon Security Conference. I have been attending Defcon for 11 years now, and that competition has always been one of the highlights of my experiences.

During the first couple years, I would wander into the competition area, and watch, hoping someone would tell me what was going on. The teams participating would see me first as a spy looking to gain information from them. They would shoo me away. Trying to watch their screens didn't go over much better. Once in a while I would be able to talk to one of the team "members" who wasn't really participating, but their knowledge of how the game actually worked was limited. The organizers didn't exactly see a benefit to providing information to the public either. It is my belief that more than a little of this attitude stemmed from them wanting to maintain an air of mystery around the competition. And with all the work I know they put in to make both the qualification round, and the main competitions a success I think they deserve a little swagger. Kudos to DDtek, the group who has been organizing the competition for the past couple years.

I got my first big break when a friend was invited to play with a team who was short-handed. He vouched for me, and for the first time I actually found out how the game worked. I got to help with reversing a service, and weaponizing a vulnerability into something that we could use to score points. We didn't win, but that gave me a taste of what it was all about.

The next year I was invited to try to compete as part of a team local to my area. We came close to qualifying a couple years in a row, but didn't quite make it. Each year we would tell ourselves that maybe it was for the best since we weren't terribly confident that we could put on a good showing. Besides CTF takes a lot of work, and we weren't sure we were committed to devoting that much potential party time. But every year members of our team were able to latch onto another team, and work with them. These teams didn't share all of their "special sauce" with us, but at least we got to see what was going on each year.

On the plus side we got to see a bit about the what would be needed from an organizational standpoint. We saw things that worked. We saw grand ideas that ended up flaming out. And most importantly we got to learn from each other.

That is probably my favorite part about these competitions. As a consultant I spend much of my time working on various pieces of security for clients. I sometimes have the chance to develop custom tools and techniques for a given situation. Unfortunately they are almost always tied to a specific client, and I can't share them without revealing information that isn't public. In the same way, many of my peers know some really cool things that they can't teach me because we don't have the right environment. Capture the flag is great because we get to work together without worrying about industry competition issues. We can share techniques, tools, and experiences that we can apply to the benefit of our future clients. We all come away with new skills, and a greater motivation to finish of that project that would have made all the difference for our team.

This year my local team was able to qualify. In future posts I will be covering more about the setup of the Defcon competition. I will talk about how qualifications work, and some of the stresses involved in it. I will also share what it's like being on the other side of the table, trying to work on something that is consuming all of my attention while spies are trying to weasel information out of me.

Hopefully someone may find it interesting and might even look into connecting with a team. You can never have too many people.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo